It takes a village of CIOs, software architects, users, independent software vendors (ISVs), developers and cloud providers to address the problem set that the bring your own device (BYOD) movement generates.

Download this free guide

The Benefits of a DevOps Approach

Bringing development and IT ops together can help you address many app deployment challenges. Our expert guide highlights the benefits of a DevOps approach. Explore how you can successfully integrate your teams to improve collaboration, streamline testing, and more.

On-premises and cloud-based BYOD management tools are available and gaining in maturity, but the majority of enterprise teams are still playing catch-up with in-house BYOD policies. This column reviews the device management tool scene and then lays out 10 BYOD management best practices.

Status of BYOD management tools today

About 60% of workers today access company data on their smartphones and tablets, but only a third of businesses have implemented management tools and processes for those devices, reported Ovum's 2013 Bring-Your-Own survey of 4,371 employees in businesses in 19 countries.

"People are bringing their own devices, but in many cases they and their companies are not taking care of those devices and the applications on them appropriately," said Richard Absalom, consumer impact technology analyst at Ovum. Only about 30% of businesses have any type of BYOD management in place. "Obviously, a large proportion is probably going unmanaged," he said.

Only about 30% of businesses have any type of BYOD management in place.

BYOD management offers plenty of opportunities for application developers, ISVs and cloud providers, Absalom said. "There's a big demand for cloud services to cover enterprise mobility management," he said, citing Fiberlink's MaaS360 as an example of a cloud-based EMM provider's service. Entrepreneurial ISVs moved quickly into the area with cloud-based BYOD management tools, examples being Armor5, MobileSafe and Cisco-acquired Meraki. There's still room for innovation, even though major vendors -- IBM, HP, Dell, Microsoft and others -- have entered the market, he added. Also, the majority of the mobility management vendors will have a mix of cloud and on-premises offerings to cope with the different demands.

Enterprise BYOD best practices

Before choosing tools, CIOs and their DevOps teams have some analysis and strategizing to do. These tips from experts cover best practices for enterprise BYOD management. The experts canvassed include Krish Kupathil, CEO of AgreeYa Mobility; Ovum's Absalom and others.

2. Make policy guidelines clear and compliance mandatory. The policy should be legal and the rules clear to all employees about joining, leaving or altering participation in a BYOD program, Kupathil said. Absalom advised requiring signatures on BYOD policy agreements: "Everyone must agree legally to uphold the policies and to their device getting locked if it gets lost, stolen or compromised," he said.

3. Mobile devices offer an array of technologies, ranging from Global Positioning System (GPS) receivers to cameras and audio recorders. Policies should cover the use of these features as they relate to work. It's not just data loss that's a concern. Consider the loss of intellectual property if a smartphone video is made of in-development application screenshots, or the legal implications of smartphone videos of executives in compromising positions.

4. Policies regarding usage of insecure Wi-Fi networks have to make provisions for the limitations of their security measures. Some networks could be labeled off-limits, based on security alerts, for example. Obviously the business must ensure that personal devices are in line with the enterprise security standards. Encryption and access control are musts on any device where business-related data resides, according to Kupathil.

5. Develop loss, theft and exit policies, along with technical issues, raise the security stakes. Balance these features and risks to protect users' personal information and your own business reputation. Absalom explained: "When an employee leaves, say in sales, and they take all of the contacts on their personal phone, that is a big corporate asset that goes missing."

6. Make sure top executives' devices are covered by and adhere to BYOD policies.. Execs normally have more access to secure information, so their devices and usage can present a big risk. Being proactive is imperative in this case, because CIOs and CEOs often are early adopters of new gadgets.

7. If you create credentials for your users (like usernames and passwords), create them securely. For example, Kupathil said, a short number string might be an appropriate token for authenticating a user on a game scoreboard, but the same credential wouldn't be appropriate for a social networking app.

8. If BYOD policies and management technologies are in place, all appropriate employees should have access to devices. "The enterprises should allow employees broader device choice and cover part of the device cost," Kupathil said. "This will automatically increase participation and, eventually, decrease the operational cost."

9. Create clear policies on which devices can be used. "BYOD does not mean that employees should bring whatsoever device they have and expect it to be included with the system," Kupathil said. "Not all are enterprise-ready."

10. The organization's bandwidth for testing devices and enterprise applications running on them certainly impacts the decision on which and how many devices can be permitted, said software tester Peter Walen. So, it's important include quality assurance and test managers in BYOD policy discussions.

What are your or your team's problems with or best practices for managing BYOD? Send them to editor@searchcloudapps.com.

2 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Thanks Jan, great article! And I quite agree with your comments that 'It takes a village of CIOs, software architects, users, ... to address the problem set that the bring your own device (BYOD) movement generates'.

Aren't the 10 steps mentioned too onerous for everyone involved?

Something simpler is required, where the user doesn't have to make security decision, nor have to install big brother agents on the device to make sure that they are making the right security decision.

I highly suggest looking deeper into Armor5. We make it very simple to adopt BYOD with none of the hassles mentioned here in. Give it a quick try, nothing to loose, no software to install within corporate premise or on the device.

I'm surprised though that the basic ability to securely print is one of them. A device is only so secured if data has an insecure outlet as pervasive as printing.

I ask also because I work at a breezy.com and we give users the ability to print securely and easily from the managed devices. We value device and BYOD management solutions and are integrated with most of the top ones.